[Snort-users] Syslog and SNORT

Gregor Binder gbinder at ...462...
Tue Apr 3 18:00:45 EDT 2001


Tom Sevy on Tue, Apr 03, 2001 at 05:19:24PM -0400:

Tom,

> I would like to log *everything* from snort, but I don't want it
> broadcasting to users or the console.  I keep a single system running that
> catches syslogs from all systems on my network, and then, based on filtering
> & criteria, I send out pager notifications.

This (and many more useful things) can be done with syslog-ng:

  http://www.balabit.hu/en/products/syslog-ng/

You will not be able to send packet traces over syslog though.

Regards,

-- 
Gregor Binder       <gregor.binder at ...462...>      http://sysfive.com/
sysfive.com GmbH               UNIX. Networking. Security. Applications.
PGP id: 0x20C6DA55 fp: 18AB 2DD0 F8FA D710 1EDC A97A B128 01C0 20C6 DA55
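
The routing suggested in the reply above, sketched as a syslog-ng.conf fragment. This is an added example, not part of the original message; it uses current syslog-ng syntax, and the object names (s_local, f_snort, d_loghost, d_users) and the loghost address 192.0.2.10 are assumptions to be replaced with local values.

```conf
# Added example: forward Snort's syslog alerts to a central loghost and
# keep them off user terminals on the sensor.
# Only alert lines travel this way; packet traces stay on the sensor.

# Local messages on the sensor plus syslog-ng's own messages.
source s_local { system(); internal(); };

# Match on the program name, so the rule holds whichever syslog
# facility Snort is configured to log to.
filter f_snort { program("snort"); };

# Central loghost (placeholder address from the documentation range).
destination d_loghost {
    network("192.0.2.10" transport("tcp") port(514));
};

# This log path must come BEFORE any path that writes to user ttys or
# the console. flags(final) stops a matching message here, so the later
# paths never see it.
log {
    source(s_local);
    filter(f_snort);
    destination(d_loghost);
    flags(final);
};

# A typical broadcast path, shown for ordering only: emergency-level
# messages go to every logged-in user. Snort messages no longer reach
# it because the path above is final.
filter f_emerg { level(emerg); };
destination d_users { usertty("*"); };
log { source(s_local); filter(f_emerg); destination(d_users); };
```

Paging decisions are then made on the loghost, which can apply its own filters to the forwarded Snort messages.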



